CVE-2006-3274

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/06/2006
Last modified:
03/04/2025

Description

Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:* 1.2.70 (including)
cpe:2.3:a:webmin:webmin:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:1.2.40:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:1.2.50:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:1.2.60:*:*:*:*:*:*:*